Quantifying Compliance Cost

Problem to solve

Compliance is an important, valuable function for enterprise organizations. There are many people and processes involved due to its complex nature. It is difficult to articulate the value a compliance person or team adds to an organization and, specifically for GitLab, it is difficult to articulate the value we add to our customers when implementing compliance features.

There is no clear, understood consensus on the amount of time and money spent on compliance activities.

Further detail

We can reasonably assume a few key details about Cameron (Compliance Manager). This information should inform our rationale for prioritizing features and help Cameron articulate business value for adopting GitLab Premium and Ultimate.

The Super Official Math

  • GitLab's Compliance Team: 9 people
  • Average Salary: $123,498
    • Lowest location factor: 0.633
    • Thriving
    • United States
    • Security Analyst (2 Manager, 6 Senior)
    • +15% Premium for Director
    • Conservative estimates and many unknowns
  • Average time spent on compliance tasks: 55% (22 hours per week)
  • Average number of system owners (non-compliance) supporting compliance tasks: 10
    • Engineering Manager?
    • Director of _____?
    • ???
    • ???
    • Need: average salaries, hours per control, number of controls. Per year × number of estimated/expected audits annually.